Palo_Alto_Networks
SECOPS-PRO · Question #37
Question
A custom PowerShell command is detected by Cortex XDR as a behavioral threat, and the administrator has confirmed it as a false positive. What is the most operationally efficient way to allow this command to run and not be detected by Cortex XDR?
Options
- A. Create an alert exclusion based on CGO hash, signer, and process path.
- B. Create an alert exception based on CGO process path and command arguments.
- C. Right click on the alert and create an alert exclusion rule.
- D. Add the SHA256 hash to the allow list.